I am trying to use Forms-based authentication. I followed MS Support Q301240
article. I want to control access to a folder (swhouse) and its contents.
Below is the sample of actual web.config.
<configuration>
<location path="swhouse" >
<system.web>
<authentication mode="Forms">
<forms name=".partnerslogin"
loginUrl="/CompanyWebsite/partnerlogin.aspx" protection="All"
timeout="30" path="\"></forms>
</authentication>
<authorization>
<allow users = "asim" />
<deny users="?"/>
</authorization>
</system.web>
</location>
<location>
<system.web>
<compilation defaultLanguage="c#" debug="false" />
<authentication mode="None"/>
<trace enabled="false" requestLimit="10" pageOutput="false"
traceMode="SortByTime" localOnly="true" />
<sessionState mode="InProc" stateConnectionString="tcpip=127.0.0.1:42424"
sqlConnectionString="data source=127.0.0.1;user id=sa;password="
cookieless="false" timeout="20" />
<globalization requestEncoding="utf-8" responseEncoding="utf-8" />
</system.web>
</location>
</configuration>
Next I created a webform and named it partnerlogin.aspx. This page contains
2 textboxes, for user name and password, and a submit button, when the user
clicks the submit button the following code is executed (at this time it does
not include any kind of user name validation as I wanted to get this working
first)
private void btnLogin_Click(object sender, System.EventArgs e)
{
try
{
// authenticate user...
// after authentication send to appropriate page or presentation
FormsAuthenticationTicket ticket = new FormsAuthenticationTicket(
1,
"asim",
System.DateTime.Now,
System.DateTime.Now.AddMinutes(30),
true,
"",
FormsAuthentication.FormsCookiePath);
// Encrypt the ticket.
string encTicket = FormsAuthentication.Encrypt(ticket);
// Create the cookie.
Response.Cookies.Add(new HttpCookie(FormsAuthentication.FormsCookieName,
encTicket));
// Redirect back to original URL.
string strRedirect =Request["ReturnUrl"];
if (strRedirect==null)
strRedirect = "partnerlogin.aspx";
Response.Redirect(strRedirect, true);
Response.Redirect(FormsAuthentication.GetRedirectU rl("asim", false));
}
catch (SystemException SysExp)
{
lblErrorMessage.Visible = true;
lblErrorMessage.Text = SysExp.Message;
}
}
Now the problem I am seeing is that the page I am trying to access never
gets rendered. But if I remove <deny users="?"/> from web.config the page
gets rendered. So it seems that I am doing something wrong but I can't
figure what. Any help will be greatly appreciated.
Thanks
Asim